terraconstructs 0.0.11 → 0.0.12

package/lib/aws/compute/network-acl-types.d.ts

@@ -0,0 +1,152 @@
+/**
+ * Either an IPv4 or an IPv6 CIDR
+ */
+export declare abstract class AclCidr {
+    /**
+     * An IP network range in CIDR notation (for example, 172.16.0.0/24).
+     */
+    static ipv4(ipv4Cidr: string): AclCidr;
+    /**
+     * The CIDR containing all IPv4 addresses (i.e., 0.0.0.0/0)
+     */
+    static anyIpv4(): AclCidr;
+    /**
+     * An IPv6 network range in CIDR notation (for example, 2001:db8::/48)
+     */
+    static ipv6(ipv6Cidr: string): AclCidr;
+    /**
+     * The CIDR containing all IPv6 addresses (i.e., ::/0)
+     */
+    static anyIpv6(): AclCidr;
+    abstract toCidrConfig(): AclCidrConfig;
+}
+/**
+ * Acl Configuration for CIDR
+ *
+ *
+ */
+export interface AclCidrConfig {
+    /**
+     * Ipv4 CIDR
+     */
+    readonly cidrBlock?: string;
+    /**
+     * Ipv6 CIDR
+     */
+    readonly ipv6CidrBlock?: string;
+}
+/**
+ * The traffic that is configured using a Network ACL entry
+ *
+ *
+ */
+export declare abstract class AclTraffic {
+    /**
+     * Apply the ACL entry to all traffic
+     */
+    static allTraffic(): AclTraffic;
+    /**
+     * Apply the ACL entry to ICMP traffic of given type and code
+     */
+    static icmp(props: AclIcmp): AclTraffic;
+    /**
+     * Apply the ACL entry to ICMPv6 traffic of given type and code
+     *
+     * Requires an IPv6 CIDR block.
+     */
+    static icmpv6(props: AclIcmp): AclTraffic;
+    /**
+     * Apply the ACL entry to TCP traffic on a given port
+     */
+    static tcpPort(port: number): AclTraffic;
+    /**
+     * Apply the ACL entry to TCP traffic on a given port range
+     */
+    static tcpPortRange(startPort: number, endPort: number): AclTraffic;
+    /**
+     * Apply the ACL entry to UDP traffic on a given port
+     */
+    static udpPort(port: number): AclTraffic;
+    /**
+     * Apply the ACL entry to UDP traffic on a given port range
+     */
+    static udpPortRange(startPort: number, endPort: number): AclTraffic;
+    abstract toTrafficConfig(): AclTrafficConfig;
+    abstract toTfTrafficConfig(): TfAclTrafficConfig;
+}
+export interface TfAclTrafficConfig {
+    readonly fromPort?: number;
+    readonly toPort?: number;
+    readonly icmpCode?: number;
+    readonly icmpType?: number;
+    readonly protocol: string;
+}
+/**
+ * Acl Configuration for traffic
+ *
+ *
+ */
+export interface AclTrafficConfig {
+    /**
+     * The Internet Control Message Protocol (ICMP) code and type.
+     *
+     * @default - Required if specifying 1 (ICMP) for the protocol parameter.
+     */
+    readonly icmp?: AclIcmp;
+    /**
+     * The range of port numbers for the UDP/TCP protocol.
+     *
+     * @default - Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter
+     */
+    readonly portRange?: AclPortRange;
+    /**
+     * The protocol number.
+     *
+     * A value of "-1" means all protocols.
+     *
+     * If you specify "-1" or a protocol number other than "6" (TCP), "17" (UDP),
+     * or "1" (ICMP), traffic on all ports is allowed, regardless of any ports or
+     * ICMP types or codes that you specify.
+     *
+     * If you specify protocol "58" (ICMPv6) and specify an IPv4 CIDR
+     * block, traffic for all ICMP types and codes allowed, regardless of any that
+     * you specify. If you specify protocol "58" (ICMPv6) and specify an IPv6 CIDR
+     * block, you must specify an ICMP type and code.
+     *
+     * @default 17
+     */
+    readonly protocol: number;
+}
+/**
+ * Properties to create Icmp
+ *
+ *
+ */
+export interface AclIcmp {
+    /**
+     * The Internet Control Message Protocol (ICMP) type. You can use -1 to specify all ICMP types.
+     * Conditional requirement: Required if you specify 1 (ICMP) for the CreateNetworkAclEntry protocol parameter.
+     */
+    readonly type?: number;
+    /**
+     * The Internet Control Message Protocol (ICMP) code. You can use -1 to specify all ICMP
+     * codes for the given ICMP type. Requirement is conditional: Required if you
+     * specify 1 (ICMP) for the protocol parameter.
+     */
+    readonly code?: number;
+}
+/**
+ * Properties to create PortRange
+ *
+ *
+ */
+export interface AclPortRange {
+    /**
+     * The first port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.
+     */
+    readonly from?: number;
+    /**
+     * The last port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.
+     */
+    readonly to?: number;
+}

package/lib/aws/compute/network-acl-types.js

@@ -0,0 +1,156 @@
+"use strict";
+var _a, _b;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AclTraffic = exports.AclCidr = void 0;
+const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
+// https://github.com/aws/aws-cdk/blob/v2.175.1/packages/aws-cdk-lib/aws-ec2/lib/network-acl-types.ts
+/**
+ * Either an IPv4 or an IPv6 CIDR
+ */
+class AclCidr {
+    /**
+     * An IP network range in CIDR notation (for example, 172.16.0.0/24).
+     */
+    static ipv4(ipv4Cidr) {
+        return new AclCidrImpl({
+            cidrBlock: ipv4Cidr,
+        });
+    }
+    /**
+     * The CIDR containing all IPv4 addresses (i.e., 0.0.0.0/0)
+     */
+    static anyIpv4() {
+        return AclCidr.ipv4("0.0.0.0/0");
+    }
+    /**
+     * An IPv6 network range in CIDR notation (for example, 2001:db8::/48)
+     */
+    static ipv6(ipv6Cidr) {
+        return new AclCidrImpl({
+            ipv6CidrBlock: ipv6Cidr,
+        });
+    }
+    /**
+     * The CIDR containing all IPv6 addresses (i.e., ::/0)
+     */
+    static anyIpv6() {
+        return AclCidr.ipv6("::/0");
+    }
+}
+exports.AclCidr = AclCidr;
+_a = JSII_RTTI_SYMBOL_1;
+AclCidr[_a] = { fqn: "terraconstructs.aws.compute.AclCidr", version: "0.0.12" };
+class AclCidrImpl extends AclCidr {
+    constructor(config) {
+        super();
+        this.config = config;
+    }
+    toCidrConfig() {
+        return this.config;
+    }
+}
+/**
+ * The traffic that is configured using a Network ACL entry
+ *
+ *
+ */
+class AclTraffic {
+    /**
+     * Apply the ACL entry to all traffic
+     */
+    static allTraffic() {
+        return new AclTrafficImpl({
+            protocol: -1,
+        });
+    }
+    /**
+     * Apply the ACL entry to ICMP traffic of given type and code
+     */
+    static icmp(props) {
+        return new AclTrafficImpl({
+            protocol: 1,
+            icmp: props,
+        });
+    }
+    /**
+     * Apply the ACL entry to ICMPv6 traffic of given type and code
+     *
+     * Requires an IPv6 CIDR block.
+     */
+    static icmpv6(props) {
+        return new AclTrafficImpl({
+            protocol: 58,
+            icmp: props,
+        });
+    }
+    /**
+     * Apply the ACL entry to TCP traffic on a given port
+     */
+    static tcpPort(port) {
+        return new AclTrafficImpl({
+            protocol: 6,
+            portRange: {
+                from: port,
+                to: port,
+            },
+        });
+    }
+    /**
+     * Apply the ACL entry to TCP traffic on a given port range
+     */
+    static tcpPortRange(startPort, endPort) {
+        return new AclTrafficImpl({
+            protocol: 6,
+            portRange: {
+                from: startPort,
+                to: endPort,
+            },
+        });
+    }
+    /**
+     * Apply the ACL entry to UDP traffic on a given port
+     */
+    static udpPort(port) {
+        return new AclTrafficImpl({
+            protocol: 17,
+            portRange: {
+                from: port,
+                to: port,
+            },
+        });
+    }
+    /**
+     * Apply the ACL entry to UDP traffic on a given port range
+     */
+    static udpPortRange(startPort, endPort) {
+        return new AclTrafficImpl({
+            protocol: 17,
+            portRange: {
+                from: startPort,
+                to: endPort,
+            },
+        });
+    }
+}
+exports.AclTraffic = AclTraffic;
+_b = JSII_RTTI_SYMBOL_1;
+AclTraffic[_b] = { fqn: "terraconstructs.aws.compute.AclTraffic", version: "0.0.12" };
+class AclTrafficImpl extends AclTraffic {
+    constructor(config) {
+        super();
+        this.config = config;
+    }
+    toTrafficConfig() {
+        return this.config;
+    }
+    toTfTrafficConfig() {
+        return {
+            fromPort: this.config.portRange?.from,
+            toPort: this.config.portRange?.to,
+            icmpCode: this.config.icmp?.code,
+            icmpType: this.config.icmp?.type,
+            protocol: this.config.protocol.toString(),
+        };
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibmV0d29yay1hY2wtdHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvYXdzL2NvbXB1dGUvbmV0d29yay1hY2wtdHlwZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSxxR0FBcUc7QUFFckc7O0dBRUc7QUFDSCxNQUFzQixPQUFPO0lBQzNCOztPQUVHO0lBQ0ksTUFBTSxDQUFDLElBQUksQ0FBQyxRQUFnQjtRQUNqQyxPQUFPLElBQUksV0FBVyxDQUFDO1lBQ3JCLFNBQVMsRUFBRSxRQUFRO1NBQ3BCLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRDs7T0FFRztJQUNJLE1BQU0sQ0FBQyxPQUFPO1FBQ25CLE9BQU8sT0FBTyxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsQ0FBQztJQUNuQyxDQUFDO0lBRUQ7O09BRUc7SUFDSSxNQUFNLENBQUMsSUFBSSxDQUFDLFFBQWdCO1FBQ2pDLE9BQU8sSUFBSSxXQUFXLENBQUM7WUFDckIsYUFBYSxFQUFFLFFBQVE7U0FDeEIsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVEOztPQUVHO0lBQ0ksTUFBTSxDQUFDLE9BQU87UUFDbkIsT0FBTyxPQUFPLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDO0lBQzlCLENBQUM7O0FBL0JILDBCQWtDQzs7O0FBRUQsTUFBTSxXQUFZLFNBQVEsT0FBTztJQUMvQixZQUE2QixNQUFxQjtRQUNoRCxLQUFLLEVBQUUsQ0FBQztRQURtQixXQUFNLEdBQU4sTUFBTSxDQUFlO0lBRWxELENBQUM7SUFFTSxZQUFZO1FBQ2pCLE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQztJQUNyQixDQUFDO0NBQ0Y7QUFtQkQ7Ozs7R0FJRztBQUNILE1BQXNCLFVBQVU7SUFDOUI7O09BRUc7SUFDSSxNQUFNLENBQUMsVUFBVTtRQUN0QixPQUFPLElBQUksY0FBYyxDQUFDO1lBQ3hCLFFBQVEsRUFBRSxDQUFDLENBQUM7U0FDYixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQ7O09BRUc7SUFDSSxNQUFNLENBQUMsSUFBSSxDQUFDLEtBQWM7UUFDL0IsT0FBTyxJQUFJLGNBQWMsQ0FBQztZQUN4QixRQUFRLEVBQUUsQ0FBQztZQUNYLElBQUksRUFBRSxLQUFLO1NBQ1osQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVEOzs7O09BSUc7SUFDSSxNQUFNLENBQUMsTUFBTSxDQUFDLEtBQWM7UUFDakMsT0FBTyxJQUFJLGNBQWMsQ0FBQztZQUN4QixRQUFRLEVBQUUsRUFBRTtZQUNaLElBQUksRUFBRSxLQUFLO1NBQ1osQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVEOztPQUVHO0lBQ0ksTUFBTSxDQUFDLE9BQU8sQ0FBQyxJQUFZO1FBQ2hDLE9BQU8sSUFBSSxjQUFjLENBQUM7WUFDeEIsUUFBUSxFQUFFLENBQUM7WUFDWCxTQUFTLEVBQUU7Z0JBQ1QsSUFBSSxFQUFFLElBQUk7Z0JBQ1YsRUFBRSxFQUFFLElBQUk7YUFDVDtTQUNGLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRDs7T0FFRztJQUNJLE1BQU0sQ0FBQyxZQUFZLENBQUMsU0FBaUIsRUFBRSxPQUFlO1FBQzNELE9BQU8sSUFBSSxjQUFjLENBQUM7WUFDeEIsUUFBUSxFQUFFLENBQUM7WUFDWCxTQUFTLEVBQUU7Z0JBQ1QsSUFBSSxFQUFFLFNBQVM7Z0JBQ2YsRUFBRSxFQUFFLE9BQU87YUFDWjtTQUNGLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRDs7T0FFRztJQUNJLE1BQU0sQ0FBQyxPQUFPLENBQUMsSUFBWTtRQUNoQyxPQUFPLElBQUksY0FBYyxDQUFDO1lBQ3hCLFFBQVEsRUFBRSxFQUFFO1lBQ1osU0FBUyxFQUFFO2dCQUNULElBQUksRUFBRSxJQUFJO2dCQUNWLEVBQUUsRUFBRSxJQUFJO2FBQ1Q7U0FDRixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQ7O09BRUc7SUFDSSxNQUFNLENBQUMsWUFBWSxDQUFDLFNBQWlCLEVBQUUsT0FBZTtRQUMzRCxPQUFPLElBQUksY0FBYyxDQUFDO1lBQ3hCLFFBQVEsRUFBRSxFQUFFO1lBQ1osU0FBUyxFQUFFO2dCQUNULElBQUksRUFBRSxTQUFTO2dCQUNmLEVBQUUsRUFBRSxPQUFPO2FBQ1o7U0FDRixDQUFDLENBQUM7SUFDTCxDQUFDOztBQWxGSCxnQ0FzRkM7OztBQUVELE1BQU0sY0FBZSxTQUFRLFVBQVU7SUFDckMsWUFBNkIsTUFBd0I7UUFDbkQsS0FBSyxFQUFFLENBQUM7UUFEbUIsV0FBTSxHQUFOLE1BQU0sQ0FBa0I7SUFFckQsQ0FBQztJQUVNLGVBQWU7UUFDcEIsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDO0lBQ3JCLENBQUM7SUFFTSxpQkFBaUI7UUFDdEIsT0FBTztZQUNMLFFBQVEsRUFBRSxJQUFJLENBQUMsTUFBTSxDQUFDLFNBQVMsRUFBRSxJQUFJO1lBQ3JDLE1BQU0sRUFBRSxJQUFJLENBQUMsTUFBTSxDQUFDLFNBQVMsRUFBRSxFQUFFO1lBQ2pDLFFBQVEsRUFBRSxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksRUFBRSxJQUFJO1lBQ2hDLFFBQVEsRUFBRSxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksRUFBRSxJQUFJO1lBQ2hDLFFBQVEsRUFBRSxJQUFJLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxRQUFRLEVBQUU7U0FDMUMsQ0FBQztJQUNKLENBQUM7Q0FDRiIsInNvdXJjZXNDb250ZW50IjpbIi8vIGh0dHBzOi8vZ2l0aHViLmNvbS9hd3MvYXdzLWNkay9ibG9iL3YyLjE3NS4xL3BhY2thZ2VzL2F3cy1jZGstbGliL2F3cy1lYzIvbGliL25ldHdvcmstYWNsLXR5cGVzLnRzXG5cbi8qKlxuICogRWl0aGVyIGFuIElQdjQgb3IgYW4gSVB2NiBDSURSXG4gKi9cbmV4cG9ydCBhYnN0cmFjdCBjbGFzcyBBY2xDaWRyIHtcbiAgLyoqXG4gICAqIEFuIElQIG5ldHdvcmsgcmFuZ2UgaW4gQ0lEUiBub3RhdGlvbiAoZm9yIGV4YW1wbGUsIDE3Mi4xNi4wLjAvMjQpLlxuICAgKi9cbiAgcHVibGljIHN0YXRpYyBpcHY0KGlwdjRDaWRyOiBzdHJpbmcpOiBBY2xDaWRyIHtcbiAgICByZXR1cm4gbmV3IEFjbENpZHJJbXBsKHtcbiAgICAgIGNpZHJCbG9jazogaXB2NENpZHIsXG4gICAgfSk7XG4gIH1cblxuICAvKipcbiAgICogVGhlIENJRFIgY29udGFpbmluZyBhbGwgSVB2NCBhZGRyZXNzZXMgKGkuZS4sIDAuMC4wLjAvMClcbiAgICovXG4gIHB1YmxpYyBzdGF0aWMgYW55SXB2NCgpOiBBY2xDaWRyIHtcbiAgICByZXR1cm4gQWNsQ2lkci5pcHY0KFwiMC4wLjAuMC8wXCIpO1xuICB9XG5cbiAgLyoqXG4gICAqIEFuIElQdjYgbmV0d29yayByYW5nZSBpbiBDSURSIG5vdGF0aW9uIChmb3IgZXhhbXBsZSwgMjAwMTpkYjg6Oi80OClcbiAgICovXG4gIHB1YmxpYyBzdGF0aWMgaXB2NihpcHY2Q2lkcjogc3RyaW5nKTogQWNsQ2lkciB7XG4gICAgcmV0dXJuIG5ldyBBY2xDaWRySW1wbCh7XG4gICAgICBpcHY2Q2lkckJsb2NrOiBpcHY2Q2lkcixcbiAgICB9KTtcbiAgfVxuXG4gIC8qKlxuICAgKiBUaGUgQ0lEUiBjb250YWluaW5nIGFsbCBJUHY2IGFkZHJlc3NlcyAoaS5lLiwgOjovMClcbiAgICovXG4gIHB1YmxpYyBzdGF0aWMgYW55SXB2NigpOiBBY2xDaWRyIHtcbiAgICByZXR1cm4gQWNsQ2lkci5pcHY2KFwiOjovMFwiKTtcbiAgfVxuXG4gIHB1YmxpYyBhYnN0cmFjdCB0b0NpZHJDb25maWcoKTogQWNsQ2lkckNvbmZpZztcbn1cblxuY2xhc3MgQWNsQ2lkckltcGwgZXh0ZW5kcyBBY2xDaWRyIHtcbiAgY29uc3RydWN0b3IocHJpdmF0ZSByZWFkb25seSBjb25maWc6IEFjbENpZHJDb25maWcpIHtcbiAgICBzdXBlcigpO1xuICB9XG5cbiAgcHVibGljIHRvQ2lkckNvbmZpZygpOiBBY2xDaWRyQ29uZmlnIHtcbiAgICByZXR1cm4gdGhpcy5jb25maWc7XG4gIH1cbn1cblxuLyoqXG4gKiBBY2wgQ29uZmlndXJhdGlvbiBmb3IgQ0lEUlxuICpcbiAqXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgQWNsQ2lkckNvbmZpZyB7XG4gIC8qKlxuICAgKiBJcHY0IENJRFJcbiAgICovXG4gIHJlYWRvbmx5IGNpZHJCbG9jaz86IHN0cmluZztcblxuICAvKipcbiAgICogSXB2NiBDSURSXG4gICAqL1xuICByZWFkb25seSBpcHY2Q2lkckJsb2NrPzogc3RyaW5nO1xufVxuXG4vKipcbiAqIFRoZSB0cmFmZmljIHRoYXQgaXMgY29uZmlndXJlZCB1c2luZyBhIE5ldHdvcmsgQUNMIGVudHJ5XG4gKlxuICpcbiAqL1xuZXhwb3J0IGFic3RyYWN0IGNsYXNzIEFjbFRyYWZmaWMge1xuICAvKipcbiAgICogQXBwbHkgdGhlIEFDTCBlbnRyeSB0byBhbGwgdHJhZmZpY1xuICAgKi9cbiAgcHVibGljIHN0YXRpYyBhbGxUcmFmZmljKCk6IEFjbFRyYWZmaWMge1xuICAgIHJldHVybiBuZXcgQWNsVHJhZmZpY0ltcGwoe1xuICAgICAgcHJvdG9jb2w6IC0xLFxuICAgIH0pO1xuICB9XG5cbiAgLyoqXG4gICAqIEFwcGx5IHRoZSBBQ0wgZW50cnkgdG8gSUNNUCB0cmFmZmljIG9mIGdpdmVuIHR5cGUgYW5kIGNvZGVcbiAgICovXG4gIHB1YmxpYyBzdGF0aWMgaWNtcChwcm9wczogQWNsSWNtcCk6IEFjbFRyYWZmaWMge1xuICAgIHJldHVybiBuZXcgQWNsVHJhZmZpY0ltcGwoe1xuICAgICAgcHJvdG9jb2w6IDEsXG4gICAgICBpY21wOiBwcm9wcyxcbiAgICB9KTtcbiAgfVxuXG4gIC8qKlxuICAgKiBBcHBseSB0aGUgQUNMIGVudHJ5IHRvIElDTVB2NiB0cmFmZmljIG9mIGdpdmVuIHR5cGUgYW5kIGNvZGVcbiAgICpcbiAgICogUmVxdWlyZXMgYW4gSVB2NiBDSURSIGJsb2NrLlxuICAgKi9cbiAgcHVibGljIHN0YXRpYyBpY21wdjYocHJvcHM6IEFjbEljbXApOiBBY2xUcmFmZmljIHtcbiAgICByZXR1cm4gbmV3IEFjbFRyYWZmaWNJbXBsKHtcbiAgICAgIHByb3RvY29sOiA1OCxcbiAgICAgIGljbXA6IHByb3BzLFxuICAgIH0pO1xuICB9XG5cbiAgLyoqXG4gICAqIEFwcGx5IHRoZSBBQ0wgZW50cnkgdG8gVENQIHRyYWZmaWMgb24gYSBnaXZlbiBwb3J0XG4gICAqL1xuICBwdWJsaWMgc3RhdGljIHRjcFBvcnQocG9ydDogbnVtYmVyKTogQWNsVHJhZmZpYyB7XG4gICAgcmV0dXJuIG5ldyBBY2xUcmFmZmljSW1wbCh7XG4gICAgICBwcm90b2NvbDogNixcbiAgICAgIHBvcnRSYW5nZToge1xuICAgICAgICBmcm9tOiBwb3J0LFxuICAgICAgICB0bzogcG9ydCxcbiAgICAgIH0sXG4gICAgfSk7XG4gIH1cblxuICAvKipcbiAgICogQXBwbHkgdGhlIEFDTCBlbnRyeSB0byBUQ1AgdHJhZmZpYyBvbiBhIGdpdmVuIHBvcnQgcmFuZ2VcbiAgICovXG4gIHB1YmxpYyBzdGF0aWMgdGNwUG9ydFJhbmdlKHN0YXJ0UG9ydDogbnVtYmVyLCBlbmRQb3J0OiBudW1iZXIpOiBBY2xUcmFmZmljIHtcbiAgICByZXR1cm4gbmV3IEFjbFRyYWZmaWNJbXBsKHtcbiAgICAgIHByb3RvY29sOiA2LFxuICAgICAgcG9ydFJhbmdlOiB7XG4gICAgICAgIGZyb206IHN0YXJ0UG9ydCxcbiAgICAgICAgdG86IGVuZFBvcnQsXG4gICAgICB9LFxuICAgIH0pO1xuICB9XG5cbiAgLyoqXG4gICAqIEFwcGx5IHRoZSBBQ0wgZW50cnkgdG8gVURQIHRyYWZmaWMgb24gYSBnaXZlbiBwb3J0XG4gICAqL1xuICBwdWJsaWMgc3RhdGljIHVkcFBvcnQocG9ydDogbnVtYmVyKTogQWNsVHJhZmZpYyB7XG4gICAgcmV0dXJuIG5ldyBBY2xUcmFmZmljSW1wbCh7XG4gICAgICBwcm90b2NvbDogMTcsXG4gICAgICBwb3J0UmFuZ2U6IHtcbiAgICAgICAgZnJvbTogcG9ydCxcbiAgICAgICAgdG86IHBvcnQsXG4gICAgICB9LFxuICAgIH0pO1xuICB9XG5cbiAgLyoqXG4gICAqIEFwcGx5IHRoZSBBQ0wgZW50cnkgdG8gVURQIHRyYWZmaWMgb24gYSBnaXZlbiBwb3J0IHJhbmdlXG4gICAqL1xuICBwdWJsaWMgc3RhdGljIHVkcFBvcnRSYW5nZShzdGFydFBvcnQ6IG51bWJlciwgZW5kUG9ydDogbnVtYmVyKTogQWNsVHJhZmZpYyB7XG4gICAgcmV0dXJuIG5ldyBBY2xUcmFmZmljSW1wbCh7XG4gICAgICBwcm90b2NvbDogMTcsXG4gICAgICBwb3J0UmFuZ2U6IHtcbiAgICAgICAgZnJvbTogc3RhcnRQb3J0LFxuICAgICAgICB0bzogZW5kUG9ydCxcbiAgICAgIH0sXG4gICAgfSk7XG4gIH1cblxuICBwdWJsaWMgYWJzdHJhY3QgdG9UcmFmZmljQ29uZmlnKCk6IEFjbFRyYWZmaWNDb25maWc7XG4gIHB1YmxpYyBhYnN0cmFjdCB0b1RmVHJhZmZpY0NvbmZpZygpOiBUZkFjbFRyYWZmaWNDb25maWc7XG59XG5cbmNsYXNzIEFjbFRyYWZmaWNJbXBsIGV4dGVuZHMgQWNsVHJhZmZpYyB7XG4gIGNvbnN0cnVjdG9yKHByaXZhdGUgcmVhZG9ubHkgY29uZmlnOiBBY2xUcmFmZmljQ29uZmlnKSB7XG4gICAgc3VwZXIoKTtcbiAgfVxuXG4gIHB1YmxpYyB0b1RyYWZmaWNDb25maWcoKTogQWNsVHJhZmZpY0NvbmZpZyB7XG4gICAgcmV0dXJuIHRoaXMuY29uZmlnO1xuICB9XG5cbiAgcHVibGljIHRvVGZUcmFmZmljQ29uZmlnKCk6IFRmQWNsVHJhZmZpY0NvbmZpZyB7XG4gICAgcmV0dXJuIHtcbiAgICAgIGZyb21Qb3J0OiB0aGlzLmNvbmZpZy5wb3J0UmFuZ2U/LmZyb20sXG4gICAgICB0b1BvcnQ6IHRoaXMuY29uZmlnLnBvcnRSYW5nZT8udG8sXG4gICAgICBpY21wQ29kZTogdGhpcy5jb25maWcuaWNtcD8uY29kZSxcbiAgICAgIGljbXBUeXBlOiB0aGlzLmNvbmZpZy5pY21wPy50eXBlLFxuICAgICAgcHJvdG9jb2w6IHRoaXMuY29uZmlnLnByb3RvY29sLnRvU3RyaW5nKCksXG4gICAgfTtcbiAgfVxufVxuXG5leHBvcnQgaW50ZXJmYWNlIFRmQWNsVHJhZmZpY0NvbmZpZyB7XG4gIHJlYWRvbmx5IGZyb21Qb3J0PzogbnVtYmVyO1xuICByZWFkb25seSB0b1BvcnQ/OiBudW1iZXI7XG4gIHJlYWRvbmx5IGljbXBDb2RlPzogbnVtYmVyO1xuICByZWFkb25seSBpY21wVHlwZT86IG51bWJlcjtcbiAgcmVhZG9ubHkgcHJvdG9jb2w6IHN0cmluZztcbn1cblxuLyoqXG4gKiBBY2wgQ29uZmlndXJhdGlvbiBmb3IgdHJhZmZpY1xuICpcbiAqXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgQWNsVHJhZmZpY0NvbmZpZyB7XG4gIC8qKlxuICAgKiBUaGUgSW50ZXJuZXQgQ29udHJvbCBNZXNzYWdlIFByb3RvY29sIChJQ01QKSBjb2RlIGFuZCB0eXBlLlxuICAgKlxuICAgKiBAZGVmYXVsdCAtIFJlcXVpcmVkIGlmIHNwZWNpZnlpbmcgMSAoSUNNUCkgZm9yIHRoZSBwcm90b2NvbCBwYXJhbWV0ZXIuXG4gICAqL1xuICByZWFkb25seSBpY21wPzogQWNsSWNtcDtcblxuICAvKipcbiAgICogVGhlIHJhbmdlIG9mIHBvcnQgbnVtYmVycyBmb3IgdGhlIFVEUC9UQ1AgcHJvdG9jb2wuXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gUmVxdWlyZWQgaWYgc3BlY2lmeWluZyA2IChUQ1ApIG9yIDE3IChVRFApIGZvciB0aGUgcHJvdG9jb2wgcGFyYW1ldGVyXG4gICAqL1xuICByZWFkb25seSBwb3J0UmFuZ2U/OiBBY2xQb3J0UmFuZ2U7XG5cbiAgLyoqXG4gICAqIFRoZSBwcm90b2NvbCBudW1iZXIuXG4gICAqXG4gICAqIEEgdmFsdWUgb2YgXCItMVwiIG1lYW5zIGFsbCBwcm90b2NvbHMuXG4gICAqXG4gICAqIElmIHlvdSBzcGVjaWZ5IFwiLTFcIiBvciBhIHByb3RvY29sIG51bWJlciBvdGhlciB0aGFuIFwiNlwiIChUQ1ApLCBcIjE3XCIgKFVEUCksXG4gICAqIG9yIFwiMVwiIChJQ01QKSwgdHJhZmZpYyBvbiBhbGwgcG9ydHMgaXMgYWxsb3dlZCwgcmVnYXJkbGVzcyBvZiBhbnkgcG9ydHMgb3JcbiAgICogSUNNUCB0eXBlcyBvciBjb2RlcyB0aGF0IHlvdSBzcGVjaWZ5LlxuICAgKlxuICAgKiBJZiB5b3Ugc3BlY2lmeSBwcm90b2NvbCBcIjU4XCIgKElDTVB2NikgYW5kIHNwZWNpZnkgYW4gSVB2NCBDSURSXG4gICAqIGJsb2NrLCB0cmFmZmljIGZvciBhbGwgSUNNUCB0eXBlcyBhbmQgY29kZXMgYWxsb3dlZCwgcmVnYXJkbGVzcyBvZiBhbnkgdGhhdFxuICAgKiB5b3Ugc3BlY2lmeS4gSWYgeW91IHNwZWNpZnkgcHJvdG9jb2wgXCI1OFwiIChJQ01QdjYpIGFuZCBzcGVjaWZ5IGFuIElQdjYgQ0lEUlxuICAgKiBibG9jaywgeW91IG11c3Qgc3BlY2lmeSBhbiBJQ01QIHR5cGUgYW5kIGNvZGUuXG4gICAqXG4gICAqIEBkZWZhdWx0IDE3XG4gICAqL1xuICByZWFkb25seSBwcm90b2NvbDogbnVtYmVyO1xufVxuXG4vKipcbiAqIFByb3BlcnRpZXMgdG8gY3JlYXRlIEljbXBcbiAqXG4gKlxuICovXG5leHBvcnQgaW50ZXJmYWNlIEFjbEljbXAge1xuICAvKipcbiAgICogVGhlIEludGVybmV0IENvbnRyb2wgTWVzc2FnZSBQcm90b2NvbCAoSUNNUCkgdHlwZS4gWW91IGNhbiB1c2UgLTEgdG8gc3BlY2lmeSBhbGwgSUNNUCB0eXBlcy5cbiAgICogQ29uZGl0aW9uYWwgcmVxdWlyZW1lbnQ6IFJlcXVpcmVkIGlmIHlvdSBzcGVjaWZ5IDEgKElDTVApIGZvciB0aGUgQ3JlYXRlTmV0d29ya0FjbEVudHJ5IHByb3RvY29sIHBhcmFtZXRlci5cbiAgICovXG4gIHJlYWRvbmx5IHR5cGU/OiBudW1iZXI7XG5cbiAgLyoqXG4gICAqIFRoZSBJbnRlcm5ldCBDb250cm9sIE1lc3NhZ2UgUHJvdG9jb2wgKElDTVApIGNvZGUuIFlvdSBjYW4gdXNlIC0xIHRvIHNwZWNpZnkgYWxsIElDTVBcbiAgICogY29kZXMgZm9yIHRoZSBnaXZlbiBJQ01QIHR5cGUuIFJlcXVpcmVtZW50IGlzIGNvbmRpdGlvbmFsOiBSZXF1aXJlZCBpZiB5b3VcbiAgICogc3BlY2lmeSAxIChJQ01QKSBmb3IgdGhlIHByb3RvY29sIHBhcmFtZXRlci5cbiAgICovXG4gIHJlYWRvbmx5IGNvZGU/OiBudW1iZXI7XG59XG5cbi8qKlxuICogUHJvcGVydGllcyB0byBjcmVhdGUgUG9ydFJhbmdlXG4gKlxuICpcbiAqL1xuZXhwb3J0IGludGVyZmFjZSBBY2xQb3J0UmFuZ2Uge1xuICAvKipcbiAgICogVGhlIGZpcnN0IHBvcnQgaW4gdGhlIHJhbmdlLiBSZXF1aXJlZCBpZiB5b3Ugc3BlY2lmeSA2IChUQ1ApIG9yIDE3IChVRFApIGZvciB0aGUgcHJvdG9jb2wgcGFyYW1ldGVyLlxuICAgKi9cbiAgcmVhZG9ubHkgZnJvbT86IG51bWJlcjtcblxuICAvKipcbiAgICogVGhlIGxhc3QgcG9ydCBpbiB0aGUgcmFuZ2UuIFJlcXVpcmVkIGlmIHlvdSBzcGVjaWZ5IDYgKFRDUCkgb3IgMTcgKFVEUCkgZm9yIHRoZSBwcm90b2NvbCBwYXJhbWV0ZXIuXG4gICAqL1xuICByZWFkb25seSB0bz86IG51bWJlcjtcbn1cbiJdfQ==

package/lib/aws/compute/network-acl.d.ts

@@ -0,0 +1,285 @@
+import { networkAclRule as tfNetworkAclRule } from "@cdktf/provider-aws";
+import { Construct } from "constructs";
+import { AclCidr, AclTraffic } from "./network-acl-types";
+import { ISubnet, IVpc, SubnetSelection } from "./vpc";
+import { IAwsConstruct, AwsConstructBase, AwsConstructProps } from "../aws-construct";
+export interface NetworkAclOutputs {
+    /**
+     * The ID of the NetworkACL
+     */
+    readonly networkAclId: string;
+}
+/**
+ * A NetworkAcl
+ *
+ *
+ */
+export interface INetworkAcl extends IAwsConstruct {
+    readonly networkAclOutputs: NetworkAclOutputs;
+    /**
+     * ID for the current Network ACL
+     * @attribute
+     */
+    readonly networkAclId: string;
+    /**
+     * Add a new entry to the ACL
+     */
+    addEntry(id: string, options: CommonNetworkAclEntryOptions): NetworkAclEntry;
+}
+/**
+ * A NetworkAclBase that is not created in this template
+ *
+ *
+ */
+declare abstract class NetworkAclBase extends AwsConstructBase implements INetworkAcl {
+    get networkAclOutputs(): NetworkAclOutputs;
+    get outputs(): Record<string, any>;
+    abstract readonly networkAclId: string;
+    /**
+     * Add a new entry to the ACL
+     */
+    addEntry(id: string, options: CommonNetworkAclEntryOptions): NetworkAclEntry;
+}
+/**
+ * Properties to create NetworkAcl
+ *
+ *
+ */
+export interface NetworkAclProps {
+    /**
+     * The name of the NetworkAcl.
+     *
+     * Since the NetworkAcl resource doesn't support providing a physical name, the value provided here will be recorded in the `Name` tag.
+     *
+     * @default CDK generated name
+     */
+    readonly networkAclName?: string;
+    /**
+     * The VPC in which to create the NetworkACL.
+     */
+    readonly vpc: IVpc;
+    /**
+     * Subnets in the given VPC to associate the ACL with
+     *
+     * More subnets can always be added later by calling
+     * `associateWithSubnets()`.
+     *
+     * @default - No subnets associated
+     */
+    readonly subnetSelection?: SubnetSelection;
+}
+/**
+ * Define a new custom network ACL
+ *
+ * By default, will deny all inbound and outbound traffic unless entries are
+ * added explicitly allowing it.
+ *
+ *
+ */
+export declare class NetworkAcl extends NetworkAclBase {
+    /**
+     * Import an existing NetworkAcl into this app.
+     */
+    static fromNetworkAclId(scope: Construct, id: string, networkAclId: string): INetworkAcl;
+    /**
+     * The ID of the NetworkACL
+     *
+     * @attribute
+     */
+    readonly networkAclId: string;
+    /**
+     * The VPC ID for this NetworkACL
+     *
+     * @attribute
+     */
+    readonly networkAclVpcId: string;
+    private readonly networkAcl;
+    private readonly vpc;
+    constructor(scope: Construct, id: string, props: NetworkAclProps);
+    /**
+     * Associate the ACL with a given set of subnets
+     */
+    associateWithSubnet(id: string, selection: SubnetSelection): void;
+}
+/**
+ * What action to apply to traffic matching the ACL
+ *
+ *
+ */
+export declare enum Action {
+    /**
+     * Allow the traffic
+     */
+    ALLOW = "allow",
+    /**
+     * Deny the traffic
+     */
+    DENY = "deny"
+}
+export interface NetworkAclEntryOutputs {
+    /**
+     * The ID of the NetworkACL
+     */
+    readonly networkAclId: string;
+}
+/**
+ * A NetworkAclEntry
+ *
+ *
+ */
+export interface INetworkAclEntry extends IAwsConstruct {
+    readonly networkAclEntryOutputs: NetworkAclEntryOutputs;
+    /**
+     * The network ACL.
+     */
+    readonly networkAcl: INetworkAcl;
+}
+/**
+ * Base class for NetworkAclEntries
+ *
+ *
+ */
+declare abstract class NetworkAclEntryBase extends AwsConstructBase implements INetworkAclEntry {
+    get networkAclEntryOutputs(): NetworkAclEntryOutputs;
+    get outputs(): Record<string, any>;
+    abstract readonly networkAcl: INetworkAcl;
+}
+/**
+ * Direction of traffic the AclEntry applies to
+ *
+ *
+ */
+export declare enum TrafficDirection {
+    /**
+     * Traffic leaving the subnet
+     */
+    EGRESS = 0,
+    /**
+     * Traffic entering the subnet
+     */
+    INGRESS = 1
+}
+/**
+ * Basic NetworkACL entry props
+ *
+ *
+ */
+export interface CommonNetworkAclEntryOptions {
+    /**
+     * The CIDR range to allow or deny.
+     */
+    readonly cidr: AclCidr;
+    /**
+     * What kind of traffic this ACL rule applies to
+     */
+    readonly traffic: AclTraffic;
+    /**
+     * Traffic direction, with respect to the subnet, this rule applies to
+     *
+     * @default TrafficDirection.INGRESS
+     */
+    readonly direction?: TrafficDirection;
+    /**
+     * Whether to allow or deny traffic that matches the rule; valid values are "allow" or "deny".
+     *
+     * Any traffic that is not explicitly allowed is automatically denied in a custom
+     * ACL, all traffic is automatically allowed in a default ACL.
+     *
+     * @default ALLOW
+     */
+    readonly ruleAction?: Action;
+    /**
+     * Rule number to assign to the entry, such as 100. ACL entries are processed in ascending order by rule number.
+     * Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.
+     */
+    readonly ruleNumber: number;
+}
+/**
+ * Properties to create NetworkAclEntry
+ *
+ *
+ */
+export interface NetworkAclEntryProps extends CommonNetworkAclEntryOptions, AwsConstructProps {
+    /**
+     * The network ACL this entry applies to.
+     */
+    readonly networkAcl: INetworkAcl;
+}
+/**
+ * Define an entry in a Network ACL table
+ *
+ *
+ */
+export declare class NetworkAclEntry extends NetworkAclEntryBase {
+    readonly networkAcl: INetworkAcl;
+    resource: tfNetworkAclRule.NetworkAclRule;
+    constructor(scope: Construct, id: string, props: NetworkAclEntryProps);
+}
+export interface SubnetNetworkAclAssociationOutputs {
+    /**
+     * The ID of the SubnetNetworkAclAssociation
+     */
+    readonly subnetNetworkAclAssociationAssociationId: string;
+}
+/**
+ * A SubnetNetworkAclAssociation
+ *
+ *
+ */
+export interface ISubnetNetworkAclAssociation extends IAwsConstruct {
+    readonly subnetNetworkAclAssociationOutputs: SubnetNetworkAclAssociationOutputs;
+    /**
+     * ID for the current SubnetNetworkAclAssociation
+     * @attribute
+     */
+    readonly subnetNetworkAclAssociationAssociationId: string;
+}
+/**
+ * Properties to create a SubnetNetworkAclAssociation
+ *
+ *
+ */
+export interface SubnetNetworkAclAssociationProps extends AwsConstructProps {
+    /**
+     * The Network ACL this association is defined for
+     *
+     * @attribute
+     */
+    readonly networkAcl: INetworkAcl;
+    /**
+     * ID of the Subnet
+     * @attribute
+     */
+    readonly subnet: ISubnet;
+}
+/**
+ * Associate a network ACL with a subnet
+ *
+ *
+ */
+declare abstract class SubnetNetworkAclAssociationBase extends AwsConstructBase implements ISubnetNetworkAclAssociation {
+    get subnetNetworkAclAssociationOutputs(): SubnetNetworkAclAssociationOutputs;
+    get outputs(): Record<string, any>;
+    abstract readonly subnetNetworkAclAssociationAssociationId: string;
+}
+export declare class SubnetNetworkAclAssociation extends SubnetNetworkAclAssociationBase {
+    static fromSubnetNetworkAclAssociationAssociationId(scope: Construct, id: string, subnetNetworkAclAssociationAssociationId: string): ISubnetNetworkAclAssociation;
+    /**
+     * ID for the current SubnetNetworkAclAssociation
+     * @attribute
+     */
+    readonly subnetNetworkAclAssociationAssociationId: string;
+    /**
+     * ID for the current Network ACL
+     * @attribute
+     */
+    readonly networkAcl: INetworkAcl;
+    /**
+     * ID of the Subnet
+     * @attribute
+     */
+    readonly subnet: ISubnet;
+    private association;
+    constructor(scope: Construct, id: string, props: SubnetNetworkAclAssociationProps);
+}
+export {};